import { Injectable, UnauthorizedException } from '@nestjs/common';
import { PassportStrategy } from '@nestjs/passport';
import { ExtractJwt, Strategy } from 'passport-jwt';
import { ConfigService } from '@nestjs/config';
import { TokenService } from '../token/token.service';

@Injectable()
export class JwtStrategy extends PassportStrategy(Strategy, 'permisson-jwt') {
  constructor(
    private readonly configService: ConfigService,
    private readonly tokenService: TokenService,
  ) {
    super({
      jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
      ignoreExpiration: false,
      secretOrKey: configService.get('JWT_SECRET'),
    });
  }

  async validate(payload: any): Promise<any> {
    // 这里调用token模块的校验逻辑
    // 只用username解码
    const username = payload?.username;
    if (!username) {
      throw new UnauthorizedException('Token无效');
    }
    // 这里假设token在header中，实际可根据需要调整
    // 直接用tokenService校验
    // 由于passport只传payload，如需原始token可通过request获取
    return payload;
  }
} 